如何将端口8080重定向到端口443?

时间:2018-03-14 14:49:17

标签: node.js apache proxy

我有一个Apache 2服务器,我安装了NodeJS。

我的网站已启动并正在运行https://www.mydomaine.com

如果我将端口443与NodeJS一起使用,则它不起作用。我看到有必要使用1024的端口。

如何将端口8080重定向到端口443?

我启用了proxy和proxy_http mods

以下是我服务器的配置:

<IfModule mod_fastcgi.c>
    AddHandler php7-fcgi-www.mydomaine.com .php
    Action php7-fcgi-www.mydomaine.com /php7-fcgi-www.mydomaine.com
    Alias /php7-fcgi-www.mydomaine.com /usr/lib/cgi-bin/php7-fcgi-www.mydomaine.com
    FastCgiExternalServer /usr/lib/cgi-bin/php7-fcgi-www.mydomaine.com -socket /run/php/php7.1-fpm.www.mydomaine.com.sock -idle-timeout 120 -pass-header Authorization

    <Directory "/usr/lib/cgi-bin">
        Require all granted
    </Directory>
</IfModule>

<VirtualHost 138.74.184.65:80 [2001:21d0:0305:2100:0000:0000:0000:4741]:80>
    ServerAdmin contact@mydomaine.com
    ServerName mydomaine.com
    ServerAlias www.mydomaine.com

    RewriteEngine on
    RewriteCond %{HTTPS} !on
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>

<IfModule mod_ssl.c>
<VirtualHost 138.74.184.65:443 [2001:21d0:0305:2100:0000:0000:0000:4741]:443>
SSLEngine on
    SSLCertificateFile /etc/letsencrypt/live/www.mydomaine.com/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/www.mydomaine.com/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/www.mydomaine.com/chain.pem
    SSLProtocol all -SSLv2 -SSLv3
    SSLHonorCipherOrder on
    SSLCompression off
    SSLOptions +StrictRequire
    SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
    Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
    Header always set X-Content-Type-Options "nosniff"
    Header always set X-XSS-Protection "1; mode=block"
    Header always set X-Frame-Options "SAMEORIGIN"
    Header always set X-Download-Options "noopen"
    Header always set X-Permitted-Cross-Domain-Policies "none"
    Header always set Content-Security-Policy "default-src https: data: 'unsafe-inline' 'unsafe-eval'"
    Header set Set-Cookie HttpOnly;Secure

    ServerAdmin contact@mydomaine.com
    ServerName mydomaine.com
    ServerAlias www.mydomaine.com
    DocumentRoot /var/www/www.mydomaine.com/public_html/web/

    <Directory /var/www/www.mydomaine.com/public_html/web>
        Options FollowSymLinks MultiViews
        AllowOverride All
        Require all granted
    </Directory>

    <IfModule mod_fastcgi.c>
        <FilesMatch ".+\.ph(p[345]?|t|tml)$">
            SetHandler php7-fcgi-www.mydomaine.com
        </FilesMatch>
    </IfModule>

    ErrorLog /var/www/www.mydomaine.com/logs/error.log
    CustomLog /var/www/www.mydomaine.com/logs/access.log combined
</VirtualHost>
</IfModule>

我使用以下命令在我的服务器上安装了NodeJS:

# curl -sL https://deb.nodesource.com/setup_8.x | sudo -E bash -
# apt-get update
# apt-get install nodejs

使用以下命令在Drupal 8上:

# cd /home/www.mydomaine.com/public_html
# npm install drupal-node.j
# npm install pm2 -g

以下是Drupal的NodeJS配置:

# cd node_modules/drupal-node.js
# cp nodejs.config.js.example nodejs.config.js
# nano nodejs.config.js

并且:

settings = {
  scheme: 'http',
  port: 8080,
  host: 'localhost',
  resource: '/socket.io',
  serviceKey: 'hgfjkliutfh',
  backend: {
    port: 443,
    host: 'www.mydomaine.com',
    scheme: 'https',
    basePath: '/web',
    messagePath: '/nodejs/message'
  },
  debug: true,
  sslKeyPath: '/etc/letsencrypt/live/www.mydomaine.com/privkey.pem',
  sslCertPath: '/etc/letsencrypt/live/www.mydomaine.com/cert.pem',
  sslCAPath: '/etc/letsencrypt/live/www.mydomaine.com/chain.pem',
  baseAuthPath: '/nodejs/',
  extensions: [],
  clientsCanWriteToChannels: false,
  clientsCanWriteToClients: false,
  transports: ['websocket', 'polling'],
  jsMinification: true,
  jsEtag: true,
  logLevel: 1
};

我添加到iptables:

# NODE JS
iptables -t filter -A OUTPUT -p tcp --dport 8080 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 8080 -j ACCEPT

在我的网站上,控制台中显示以下错误:

  

无法加载源为«的元素   http://localhost:8080/socket.io/socket.io.js»。

并且:

  

拒绝加载脚本   'http://localhost:8080/socket.io/socket.io.js',因为它违反了   遵循内容安全策略指令:“default-src https:data:   'unsafe-inline''unsafe-eval'“。注意'script-src'不是   显式设置,因此'default-src'用作后备。

0 个答案:

没有答案